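<?php
	// Nothing may precede this opening tag. The file used to start with a
	// UTF-8 byte-order mark, which PHP emits as page output before
	// session_start() runs; with output buffering off, that prevents the
	// session cookie header from being sent.

	// The `mysql` wrapper class used further down is not defined in this file;
	// presumably it comes from conn.php (verify against that file).
	include '../inc/conn.php';

	session_start();
?>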
<!DOCTYPE html>
<html>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<link href="/css/bootstrap.min.css" rel="stylesheet">
<link href="/css/bootstrap-theme.min.css" rel="stylesheet">
<head>
<title>用户管理单</title>
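<?php
	// --- Request parsing -----------------------------------------------------
	// Only the fields this page's own forms and links send are read. The
	// previous extract($_POST)/extract($_GET) let any request parameter create
	// or overwrite any variable in scope (session state and $db included).
	// GET still wins over POST, matching the original extract() order.
	// NOTE(review): `passwd` is posted by the login form on this page but is
	// not consumed anywhere in this file; it is kept defined in case an
	// included file reads it. Any include that relied on other extract()ed
	// names must now read them explicitly.
	$request = array_merge($_POST, $_GET);
	foreach (array('act', 'id', 'username', 'chnname', 'password', 'department', 'passwd') as $field) {
		$$field = (isset($request[$field]) && is_scalar($request[$field])) ? (string) $request[$field] : null;
	}
	unset($request, $field, $_POST, $_GET);

	// id is only ever used as a numeric row key. Forcing it to an integer
	// keeps it from carrying SQL into the "id=" conditions or markup/script
	// into the redirect snippets echoed below.
	if ($id !== null) {
		$id = (int) $id;
	}

	// --- Authorisation -------------------------------------------------------
	// Every branch below modifies the users table, so it runs only for a
	// signed-in administrator. This is the same session test the page body
	// uses to choose between the login form and the management panel;
	// previously the actions executed before that test was ever made.
	// NOTE(review): these actions are reachable through plain GET links with no
	// per-session token, so they remain open to cross-site request forgery.
	// Moving them to POST with a CSRF token also requires changing the links
	// rendered in the user table.
	$is_admin = isset($_SESSION['user']) && $_SESSION['user'] == 1;

	if ($is_admin && $act !== null) {
		// htmlentities() is an HTML encoder, not an SQL escaper: it leaves
		// backslashes untouched, so its output alone is not safe inside a
		// quoted SQL literal. addslashes() closes that gap.
		// NOTE(review): assumes a UTF-8 connection and magic_quotes_gpc off.
		// Replace with the driver's own escaping or prepared statements once
		// the wrapper in conn.php is confirmed to offer them.
		$text = array();
		foreach (array('username', 'chnname', 'department') as $field) {
			$text[$field] = addslashes(htmlentities((string) $$field, ENT_QUOTES));
		}
		unset($field);

		// Single-column switches: act => array(SET clause, confirmation text).
		$toggles = array(
			'dis'       => array('enable=0', 'User disable OK!'),
			'en'        => array('enable=1', 'User enable OK!'),
			'setadmin'  => array('level=0', 'Set admin OK!'),
			'setnormal' => array('level=1', 'Set normal OK!'),
		);

		if ($act == "del" && $id !== null) {
			$db = new mysql();
			$db->delete('users', "id=".$id);
			$db->close();
			echo "<script>alert('User Data has deleted!!!');window.location='admin_index.php?name=users';</script>";
		} elseif ($act == "add" && $username !== null && $password !== null) {
			// NOTE(review): unsalted MD5 is not a suitable password hash.
			// Moving to password_hash()/password_verify() has to be done
			// together with the login check, which is not in this file.
			$db = new mysql();
			$sql = "INSERT INTO `users` (`name`, `chn_name`,`password`, `department`) values('"
				.$text['username']."', '".$text['chnname']."', '".md5($password)."', '"
				.$text['department']."')";
			$db->query($sql);
			$db->close();
			echo "<script>alert('User has added!!');window.location='admin_index.php?name=users';</script>";
		} elseif ($act == "update" && $username !== null && $password !== null && $id !== null) {
			$db = new mysql();
			$mod_content = "Name='".$text['username']."', Department='".$text['department']
				."', chn_name='".$text['chnname']."'";
			// The edit form always posts the password field. Leaving it blank
			// used to overwrite the stored hash with md5(''), which silently
			// gave the account an empty password; a blank field now means
			// "keep the current password".
			if ($password !== '') {
				$mod_content .= ", Password='".md5($password)."'";
			}
			$db->update("users", $mod_content, "id=".$id);
			echo "<script>alert('User Data changed!');window.location='admin_index.php?name=users&id=".$id."'</script>";
			$db->close();
		} elseif (isset($toggles[$act]) && $id !== null) {
			$db = new mysql();
			$db->update("users", $toggles[$act][0], "id=".$id);
			echo "<script>alert('".$toggles[$act][1]."');window.location='admin_index.php?name=users&id=".$id."'</script>";
			$db->close();
		}
	}

?>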
</head>
<body class="background">
<?php
	// Edit mode ("mod") renders the shared admin header above the panel.
	if ($act == "mod"):
		include "admin_top.php";
	endif;
?>
<div class="container">
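<?php /* Show the login form unless the session marks an administrator; isset() covers a visitor with no session entry at all. */ if (!isset($_SESSION['user']) || $_SESSION['user'] != 1){  ?>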
<div class="panel panel-primary">
    <div class="panel-heading">
        <h3 class="panel-title">管理员登陆</h3>
    </div>
    <div class="panel-body">
		<div class="well"> 
			<div style="form-group">
				<form class="form-inline" method="post">
					密码：<input type="password"  placeholder="Password" class="form-control" name="passwd"><button type="submit" class="btn btn-info">登录</button>
				</form>
			</div>
		</div>
	</div>
</div>
<? } else {?>
<div class="panel panel-primary">
    <div class="panel-heading">
        <h3 class="panel-title">管理面板>>用户管理</h3>
    </div>
    <div class="panel-body">
	<div>

<? 
	if ($act != "mod") {
?>
	<div class="page-header alert text-warning">
		<div class="well"> 
			<div style="form-group">
				<form action="admin_users.php?act=add" method="post" class="form-inline">
					用名：<input type="text" class="form-control" name="username">
					中文名：<input type="text" class="form-control" name="chnname">
					密码：<input type="password"  placeholder="Password" class="form-control" name="password">
					部门：<select name="department" id="department" class="span1 form-control">
						<option value="TE">TE</option>
						<option value="EE">EE</option>
						<option value="IE">IE</option>
						<option value="ME">ME</option>
						</select>
					<button type="submit" class="btn btn-primary">添加</button>
				</form>
			</div>
		</div>
	</div>
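<?php
 } else {
	// Edit mode: load the row being edited so the form can be pre-filled.
	// id arrives from the query string, so it is reduced to an integer before
	// it is concatenated into the statement; a missing or non-scalar id
	// becomes 0 and falls through to the "No data" exit below.
	$edit_id = (isset($id) && is_scalar($id)) ? (int) $id : 0;
	$db = new mysql();
	$sql = "select * from users where id=".$edit_id;
	$db->query($sql);
	$num = $db->db_num_rows();
	if ($num == 0)
		die("No data was found!");
	$row = $db->fetch_assoc();
?>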
	<div class="page-header alert text-warning">
		<div class="well"> 
			<div style="form-group">
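				<?php /* Database values are escaped for the attribute context; double_encode=false leaves entities written at insert time (htmlentities) untouched. */ ?><form action="admin_users.php?act=update&id=<?php echo (int) $row['ID']; ?>" method="post" class="form-inline">
					用名：<input type="text" class="form-control" name="username" readonly="readonly" value="<?php echo htmlspecialchars((string) $row['Name'], ENT_QUOTES, 'UTF-8', false); ?>">
					中文名：<input type="text" class="form-control" name="chnname" value="<?php echo htmlspecialchars((string) $row['chn_name'], ENT_QUOTES, 'UTF-8', false); ?>">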
					密码：<input type="password"  placeholder="Password" class="form-control" name="password">
					部门：<select name="department" id="department">
<?php
	// One <option> per department, in the fixed order TE, EE, IE, ME; the one
	// equal to the stored Department value is marked as selected.
	foreach (array("TE", "EE", "IE", "ME") as $dept) {
		if ($row['Department'] == $dept) {
			echo '<option value="'.$dept.'" selected="selected">'.$dept.'</option>';
		} else {
			echo '<option value="'.$dept.'">'.$dept.'</option>';
		}
	}
?>
						</select>
		
					<button type="submit" class="btn btn-info">修改</button>
				</form>
			</div>
		</div>
	</div>
<? $db->close(); } ?>	
	<div>
		<table border=0 cellpadding=0 class="table table-hover">
		<tr><th>Item</th><th>用户名</th><th>中文名</th><th>密码</th><th>部门</th><th>操作</th></tr>
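<?php
		// Renders one table row per user with its action links.
		// NOTE(review): the delete / enable / disable / level links below change
		// state through plain GET requests with no per-session token; they
		// should become POST forms carrying a CSRF token.
		$db = new mysql();
		$db->query("select * from users");
		$num = $db->db_num_rows();
		for ($i = 0; $i < $num; $i++) {
			$row = $db->fetch_assoc();
			$item = $i + 1;
			// The key is only used as a number in the links, so force it to one.
			$uid = (int) $row['ID'];

			echo "<tr>";
			echo "<td>$item</td>";
			// These cells used to pass stored values through
			// htmlspecialchars_decode(), which turned the entities written at
			// insert time back into live markup (stored XSS in the admin
			// panel). They are now HTML-escaped; double_encode=false keeps
			// entities that are already stored from being escaped twice.
			echo "<td>".htmlspecialchars((string) $row['Name'], ENT_QUOTES, 'UTF-8', false)." </td>";
			echo "<td>".htmlspecialchars((string) $row['chn_name'], ENT_QUOTES, 'UTF-8', false)." </td>";
			// The stored password hash is no longer written into the page; a
			// fixed mask keeps the column layout without exposing it.
			echo "<td>********</td>";
			echo "<td>".htmlspecialchars((string) $row['Department'], ENT_QUOTES, 'UTF-8', false)."</td>";
			echo "<td><a href=\"admin_users.php?act=mod&id=".$uid."\" rel='tooltip' title='修改用户信息'>[改]</a>&nbsp;|&nbsp;<a href=\"admin_users.php?id=".$uid."&act=del\" rel='tooltip' title='删除表内容，当心哦~~~'><font color='red'>删</font></a>";

			// enable == 1 means the account is active, so offer "disable".
			if ($row['enable'] == 1) {
				echo " | <a href=\"admin_users.php?act=dis&id=".$uid."\" rel='tooltip' title='禁用'>[禁]</a>";
			} else {
				echo " | <a href=\"admin_users.php?act=en&id=".$uid."\" rel='tooltip' title='启用'>[启]</a>";
			}

			// level == 1 is a normal user (setadmin writes level=0), so offer
			// promotion; otherwise offer demotion.
			if ($row['level'] == 1) {
				echo " | <a href=\"admin_users.php?act=setadmin&id=".$uid."\" rel='tooltip' title='设置为管理员'>[管]</a></td>";
			} else {
				echo " | <a href=\"admin_users.php?act=setnormal&id=".$uid."\" rel='tooltip' title='设置为普通'>[普]</a></td>";
			}

			echo "</tr>\n";
		}
?>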
		</table>
	</div>
</div>
</div>
<? }?>
<script src="/js/jquery.min.js"></script>
<script src="/js/bootstrap.min.js"></script>
<?php
	// Footer hook for edit mode. The include is commented out in the source,
	// so this branch currently does nothing.
	if ($act == "mod"):
		//include '../bottom.php';
	endif;
?>
</body>
</html>
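<?php
	// Close the connection left open by the user-table query. $db exists only
	// when some branch above created it; for a visitor who only sees the login
	// form it was never set, and calling close() on it was a fatal error.
	if (isset($db) && is_object($db)) {
		$db->close();
	}
?>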
